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(if) A pay pas' use system for fh§ prsvenisors of ibs 
urmiSKSized use of computer software. An en- 
cryption program encodes oriejnai software to 
produce sssaxl software. The encoding is sc- 
cojnplisheo' by ossftg cryptographic ieoftnkssjos. 
In ordar to use She software, a am rmjst eaii a 
telephone, number to meeive the cryptographic 
ksys necessary to decrypt the secured software. 
Thus, osons (mst pay to each use of fee sec- 
urasd software, Th« system $®&m software de- 
velopers to freely distribute' the secured 
software. Copies of the secured software may 
be freely mads, because payrfseni is based or? 
each use of tn& software rsot: on each copy of 
Jim software. 
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of the Invention 



This invention relates generally to toe protection 
of computes" software from liiagai copying. Mora par- 
ticularly, this invention relates to a pay par uss pro- 
tection technique ?r* Thiers a user must mate a tele- 
phone oaf! in order to use protected software. 

Saokground of the invention 

Software piracy,, the iiiegei copying of commer- 
cial computer programs, is a major problem in the per- 
sonal computer industry. Software developers eur- 
mnfly hav« three ■ common techniques to prevent ille- 
gal copying of their software The first is me use of 
hardware "keys". These keys are devices that attach 
to a computer's printer port. Before starting, the soft- 
ware attempts to query tha key. If there is no re- 
sponse, or m incorrect response, the software will 
no! start. The second technique is the use of a key 
disk. This is like a hardware key, except the key is- a 
floppy disk that most bo in the computer's disk drive, 
A iff i rd Is din igue is f o sell copy-protested sof f ware, lis 
this techniOjee, the developer puts the program en a 
floppy disk in such a 'form that a direct copy of the disk 
wiii produce an Incorrect copy of the software. 

M of the above mentioned teehniqess have prob- 
lems, They require developers to incorporate piracy- 
protection into their programs. They are brittle, mean- 
ing that ones a single copy with the protection elrcum- 
verdsd exists, the protection Is useless. Also, they 
cause inconvenience to: legitimate users of the soft- 
ware. An ideal protect ion scheme would make it im- 
possible for people to use commercial software Ille- 
gally, without posing any inconvenience to the devel- 
oper or the user of the software. 

Generally, the present invention provides a tech- 
nique which is close to the Ideal, it is cased upon dis- 
tributing software in such a way that users must call 
a telephone number to get the software to work. If the 
telephone caii is to a. number w hich results in a per call 
service fee, such as a "SOO" number, then making the 
call guarantees that the users pay for the us® of the 
software, 

Mem specifically, an encryption program com 
verts any existing program into a new program called 
the secured software. The secured software is a pro- 
gram that contains the original software in encoded 
form. The encryption program, when constructing the 
secured software, both compresses and encodes the 
original program, The compression removes most of 
the redundancy, making coda-breaking difficult and 
reduces the size of fee secured software. The resum- 
ing program contains the original software in a com- 
pletely unreadable fonrs, 



The developer may then a-.si rlhute the secures 
software freely. To use the software, -be user calls a 
telephone number, ffom which she use; gets a num- 
ber that the secured son were uses to decoce the en- 

5 erypted computer program. This telephone numser 
may bo a number (hat results Irs a par caii service lee. 
In which case ihe acl of making the caii guarantees 
thai I he user pays; for She use of the software, 

Severas variations are posses For e*ampSe. the 

w secured software may control dialing the telephone 
number shrr-ugh a modem and tunning the coda 
transaction automatically, A single call might incre- 
ment a counter In the software to allow multiple uses. 
Free •eiephone service, such as an "800" number, 

<s could readily he provided thmugh which potantlai 
users; can download secured software. Additional 
services might be react iiy provieed. 

To the software developer. She present invention 
pfovidas an additional dssirlbudon source for whie'ri 

29 there is little cost -the encryption program In :is sim- 
plest form does not have to be incorporated Into shs 
sofl were To the user, there is no difficulty with back- 
ups; and no dangero? losing a harowara or floppy disk 
key. Ail that is needed to run the sol t ware is a shone 

28- caii, "fne user also has the option of trying out the 
software before sconcing a considerable amount to 
purchase It 

so 

Fig, 1 is a block diagram of an implementatfan Of 
the system of the present Invention, 

Fig, 2 Is a block diagram illustrating software reg- 
istration and gene-ration of secured software, 
38 Fig. 3 is a block diagram of a first embodiment of 

a pay per use software validation technique. 

Fig. 4 Is a blockdiagram of a second embodiment 
of a pay per use software validation technique adding 
random number generation by the validation system 
40 Fig, 5 is a bSoekdiagram of a third embodiment of 
a pay per use software validation technique adding 
encryption of the generated random numbers, 

Baiailad Description 

4$ 

This Invention Is described with reference f.o vs- 
nous data encoding and decoding techniques. Thus, 
a brief explanation of basic cryptography foSSows, 
Cryptographic systems generally transform data 

w -through the use of two basic elements, a crypto- 
graphic algorithm and keys. The cryptographic algo- 
rithm contains procedures for encoding and decoding 
the data. These encoding and decoding procedures 
are generally identical or may consist of the same 

55 steps performed in reverse order. The keys, which are 
selected by the users, consist of a sequence of num- 
bers or characters, which are used by tne crypto- 
graphic algorithm to code and decode the data. In the 



2 



3 



BP 0 SS3 8iV5 A2 



4 



following detailed description we discuss two types of 
cr yptograp h ic systems.. 

The first type of system is the singie key system. 
In this type of system a single key is used he both data 
encoding and decoding. Thus, in orderto ensure pro- 
tection, this Key must be kept secret. In this descrip- 
tion we refer Is the Data Encryption Standard (OES) 
single key technk?us> This is a data encr ygtlon tech- 
nique which has seen accepted as a standard by the 
National Bureau of Standards, and is well known to 
m». skiiied in the art of cryptography. 

Another type .of system is a public key system. In 
this type of System, instead of using one key for both 
data' encoding and decoding, two keys are used, one 
to encode the data and one la derioda the data. Gen- 
erally one key Is maiSe public and one. key- is kept pri- 
vate. If the public key is used to snoods the data, then 
the private key is used to decode the data, and vice 
versa. An important aspect of this type of system is 
that it is impossible to deduce the private key f mm the 
public key, Public key cryptography is also weii known 
to on« skilled in the art of cryptography. 

Th» data encryption and decryption technic-oes 
we discuss hete eye for illustrative purposes. Various 
other techniques could be substituted for those de- 
scribed herein without do parting from the scope and 
spint of the invention. 

Fig, 1 illustrates one possible implementation of 
a system scooping to the present invention, The sof t- 
ware validation system 100 comprises a central proc- 
essing, unit 102, a memory unit 110, and a modem 
104, The central processing unit 102 Is connected to 
the modem 104 and the memory unit 110. The mem- 
ory 110 contains software registration program code 
111 to Implement the functions required duhng the 
software registration process, software validation 
program code 112 to Implement the functions re- 
quired during the software validation process, and a 
storage area 113 for the storage of software identifi- 
cation Information and associated keys. The modem 
1 04 is used to transmit date to and receive data from 
the software developer system 1 20. and the software 
user system 140. 

The software developer system 120 composes a 
central processing unit 124, a modem 122, and a 
memory obit 130.- The central processing unit 124 is 
connected to the modem 122 and the memory unit 

130. The memory onil 130 contains original software 

131, an encryption program 132, and secured soft- 
ware 133 after it is generated, The original software 
1 31 is the software the developer wishes to register 
and protect. The encryption programs 132 is the pro- 
gram which interacts and communicates with the 
software validation system 100 during software reg- 
istration and generation of the secured software 133. 
The seeored software 1 33 contains an encr ypted ver- 
sion of the original software 131 along with user vali- 
dation software, This user validation software is pro- 



gram cods that will Interact and communicate with the 
software validation: system 100 during software vali- 
dation. These f unctions ara described below in con- 
junction with Figs, 2-8. 

5 The software validation system 1 00 and the soft- 
ware developer system 120 communicate with each 
other over a communications network 160 through 
the modems 104 and 122, in one embodiment, the 
communications network 160 is a public telephone 

■?« line. 

The user system 140 comprises a centre! proc- 
essing unit 144, e modem 142, and a memory unit 
I SO, The central processing unit is connected to the 
modem 142 and the memory unit ISO. The memory 

<s unit ISO contains a copy of she secured soft ware 151, 
which comprises doth f ho encrypted original software 
and the user validation software as discussed above. 
This secured software 151 is a copy of the secured 
software 133 which was generated by the software 

a 1 developer system 120, 

'The validation system 100 and She user system 
1 40 communicate with each other over a communica- 
tions network 170 through the moderns 104 and 140, 
In one embodiment, this communications network 

n- 1 ?Q is a public telephone line, and the communication 
is initiated by the user system: 140 dialing a telephone 
number which results in a per call service fee (e.g. a 
fee setter dialing a "800" number j, This ceil would en- 
sure that ths user pays for each use of the soft ware, 

38 The generation of the secured software 133 and 
the registration of the software with the software va- 
lidation sysferc is o'escribC'd with reference to Fig, 2, 
The broken line 202: represents the separation be- 
tween the software developer system 120 and the 

38 software validation system 100. Figure elements 
shown above iine 202 represent functions which are 
performed fey the software validation system 1 00 by 
execution of the software registration code 111, and 
figure elements shown bekrw line 202 represent fyno- 

*> lions which are performed oy the software developer 
system 120 fey execution of the encryption program 
132. Data which Is sent between the two systems 
must be transmitted across the communications net- 
work 180, The transmission of data over the commo- 
ns nleations network 180 is represented In Fig, 2 by lines 
crossing dividing line 202, 

The first step 210 Is for the software developer to 
collect software identification Information,. This infor- 
mation consists of the name of the software, the 

m name of the software developer, the address of the 
software developer, and any other information which 
may be desired. This information is transmitted 
across the network 160 to the software validation 
system 100. In step 204 the software validation sys~ 

ss fern 100 will store the software Identification informa- 
tion in memory 113 and will select the next 10 number 
for the software. This ID number is any unique Idon- 
tiflerforihe software. The validation system 100 then 
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generates- a random pu&iks&Hvsfe key pair ar«t gen- 
erates a random DES key in step 206. 

The generated randam private key and ifm gerr- 
seated random DES key are stored in the software 
registration system memory 113 along with the soft- 
ware 10 number in step 206.. Returning now to the 
software devefeper system 120, the origins! software 
220 iis converted Soto a packed fsie in mp 218. The 
method used to pack tho orjg Snai software may ha any 
suitable data compression technique, such as Huff- 
mars encoding, which is weii known i« the art This 
compassion removes most el the rsduftfteacy in the 
software, making code breaking dlff ieuli end reduc- 
es the siisa of tho secured software. The fife header 
from this packed file is then encrypted so step 212 us- 
ing the DES key generated by the software validation 
system, Only the file header is encrypted since the 
packed file cannot be unpacked wilhout the fife head- 
er. Thus, sof f ieient protection is- ensured by eocrypt- 
ing only the ftie header. The packed hie body and the 
DES encrypted header which were generated by the 
software developer system 120, and the public key 
and the software IB which were generated by she 
software validation system 100, are then used to 
build the secured software in step 214, The secured 
software 218 may then be distributed to users for use 
in accordance with the invert tic n. Jri cfder for a user 
to use the seoursd software, it: most he wtmtwi into 
en executable module in accordance with the present 
invention. 

A first embodiment of a pay per use validation 
technique is described j ft conjunction with Fig, 3, The 
bmkeo Sne 302 represents a separation between the 
software validation system 100 and the user system 
140, Figure elements shewn above llm 302 represent 
functions performed fey the software validation sys- 
tem 100 by execution of the solfwwe validation code 
112, and figure elements shown below fine 302 rep- 
resent functions performed by the user system 140 
tsy execution of the user validation software portion 
of the secured software 161 Any data which is 
passed between the pay per use vaiidation system 
100 and the user system: 140 Is represented by lines 
crossing dividing tine 302 and must be transmitted 
over the communications network 1 ?Q. Data is most 
vulnerable to unauthorized access by an unautho- 
rised user when it is transmit ted over the communi- 
cations network 170, 

The first step 31$ is to transmit the software ID 
number to the validation system 100, This Is the 
unique ID number which was assigned to the soft- 
ware during the generation of the secured software 
(described in conjunction with Fig 2), Sn step 308 the 
validation system 100 will use this ID number to credit 
the software developer's account for the use of the 
software. As discussed above, in one embodiment of 
the invention, a user must call a per call service fee 
telephone number in order to initiate communication 



over me communications no* work :?0 Tnus, the 10 
nurnoe? allows She valuation system 100 So credit She 
account of tbe eeveiope ■'<:•• the software which is See- 
ing vacated, Hus ID numDer is also used to look up 

5 the private key in step 304 and the OSS key in step 
300. :)c?h of wh:Oh were genasaied and stereo in she 
validation system memory 1 ; .3 during she software 
registrators anc generation c; the secured software, 
The user system generates a random number 

■m (R1> in step 320 and encrypts thai: ranoom number 
win she public key in step .5:6, Tne randofn ssumber 
:s encrypted so that when :t is transmitted to tne va- 
lidation system 3 00 Ov.'er tne communications net- 
work 170, a parson atsemp-ing circumvent She p?o- 

<s section scheme could not sus.efcesM she tandem num- 
ber, The vshdahofi system 1 00 wsii use the private key 
ostained in step 304 to oecryot the random number 
generaied sy the secomo software in step 3'iO. The 
decrypted ranuorn number {Rii is ihen exclusive 
ORed wsih the P£S key in step 312. FhiS rssuits in a 
DES key masked by the random number generated 
by tne user system. This masked DES key is then en- 
orypseo with the private key in step 314 and transmit- 
ted to the user system i-10 over the communications 

i*s network 1 -'0. T ne user system w:ii then use the public 
key to decrypt me masked 0£S key -.r- step 322. Tne 
resell a, me DES Key masked by - be random number 
{R-i}, This masked DES key is then unmasked by ex- 
clusive OR !ng it vvlth therancjem number {Rt; in step 

so 324 The result is an up masked, unencrypted DBS 
key. Tnis is she same DOS key svhicn was used to en- 
crypt tbe engine! software, "f Ste DES key if; tben sjsed 
to decrypt tne es-^eryoted Isle neaoer sn step -326. Tne 
resuit is an unencrypted tile beadef which is then 

3S user: ft; unpack She packed ■ iie body in siep 323. The 
result is a sof twase executable file whict; mey then be 
executed 330 on the user system. 

As discussed above, she weakesi points in ibis 
vaiidation process are wtiere data is transmsSieo 

48 sscroes ihsj communications; neiwork 17f3 because it is 
at these po^Ss that an unauthorszed user couid s^ost 
easily ahempi to infarcept and record tne data thai is 
being irarsstrsitled One way to cifeumvem the se- 
cured sc-i'Swsre pictec-ton would be to aiter ft« ran- 

4$ dorn svumher generation postion of the user vaisdat-on 
code in the secured &otiw3fs Hv; so xtmi ts-e same 
random ajjrnber is ;5ivvays e ( ene!a!ec. ^nen -he iise? 
ijatis; the seiepnene f^usnber once, OiVifiO tne f ixed r;?,f;- 
desrs number and records what somas back. S-noe tne 

su prografV) has bean altered to always ger^erate -hfs 
same rsirsciorr? niimher. :i;c informetion tna- was r-^- 
ctiitied is provide;^ tc, she seiiurec software upen esjer- 
subsecsuent execut;cn. One scneme to pcevent socn 
unauthonzed use is descriheo sescw In conjunction 
wllb a second emnc.-cimeni a? a pay per us^e vaildaiic-n 
seenniijue, 

": 'ms seco:-:d embodisrsanS is des^crlbed in coniunc- 
ison With Fsp.. 4. mis as-noodiment. a second fasidcsv; 
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number is generated m the validation system 100, 
This random number Is concatenated with the random 
number from the user system 140, and the combined 
random number is used to mask and unmaskihe DES 
Key, This wi8 be clear from the following description 
of IS is embodiment ki conjunction with Fig, 4. This 
second embodiment ss similar to the first embodiment: 
shows-: in Fig, 3, Thus, only the differences between 
the two embodiments will be discussed hers- tike 
numbered elements in Fsojs. 3 and 4 perform like 
functions, 

in me second embodiment, doth the validation 
system 100 and the user system 140 generate ran- 
dom 'numbers at Steps 320 and 332. in step 334 the 
validation system 1 09 concatenates the random nurm 
ber (R1) it generated and the random number IR2) 
generated by user system. The. requiting random 
number (R1 R3) is then exclusive OBsd with tne DES 
key in step 312 to produce a masked DES key as dis- 
cussed in conjunction with Fig, 3. The user system 
140, like the validation system 100, concatenates me 
random numbers' R1 and R2 in step 336, The resulting 
random number (R1R2) is then used to unmask the 
DES key in step 324 as discussed above in conjunc- 
tion with Fig. 3, The remainder of the functions Of em- 
bodiment two sre the seme as described in confifnc- 
•ion with enibodimeni one and fig. 3. 

This second embodiment as shown in Fig. 4 adds 
extra protection 'to the first embodiment discussed in 
conjunction with Fig. 3, Since the validation system 
1 DCS also generates a random number and then con- 
catenates that random number 'with the random nunv 
her generated by the user system 140, the masking 
of the DES key depends upon both generated random 
numbers. Thus, even if a user moid fix. the random 
numbered generated by the secured software to be 
the same each time, the random number generated 
by the validation scheme would be different and 
therefore, the user could not correctly unmask the 
DES key. 

A third embodiment of a validation technique -ac- 
cording to the present invention is discussed in con- 
junction with Fig. 5. This -embodiment adds several 
features to the embodiments shown in Figs, 3 and 4, 
The random number <R1) generated in the validation 
system 100 is encrypted before being transmitted to 
the user system 140, Also, the random number (R2j 
generated by the user system 140 is- not itself trans- 
mitted to the validation system 100, These details wiii 
become clear from the following discussion ef Fig, S, 
The elements of the- embodiment shown In Fig. S 
which am the same as those already discussed in 
conjunction with Figs, 3 and 4 will not be discussed 
in detail here. Only the additional steps of the embodi- 
ment shewn in Fig, § will be described below. Ele- 
ments in Fig. 5 with like numbers to elements in Figs, 
3 and 4 perform like functions. 

Referring now to Fig, S , the random number (Bt) 



generated by the validation system in step 332 is en- 
crypted with the private key in step 340 before being 
transmitted to the user system. The encrypted ran- 
dom number is decrypted by the user system in step 
5 346 and is then concatenated in step 338 with the ran- 
dom number (R2) generated by the user system in 
step 320, The resulting concatenated random number 
(R1R2) is then encrypted with the public key In step 
'318 and transmitted to the validation system. The on- 
to cr ypted random number is then decrypted by the va- 
lidation system in step 310, The validation sy stem, in 
step 342, then checks to determine whether the ran- 
dom number It generated In step 332 {R1> is the same 
as the R1 portion of the random -number returned by 
<s the secured software. If R1 has been modified, it: in- 
dicates that the random number has dean manipulat- 
ed in some way by the user in an attempt to defeat the 
protection, and the process is halted. Otherwise, the 
validation system: uses the concatenated random 
;>n number to mask the DES key in step 312, The system 
then continues In a manner similar to that explained 
above in connection with the embodiments of Figs. 3 
and 4, 

in the embodiment of Fig, 5, the random number 

as- (R1) is encrypted before being transmitted from the 
validation system to the user system. Similarly, the 
concatenated random number R1 R2 is encrypted be- 
fore being transmitted from the user system to the va- 
lidation system. Note that the random number {R2> 

38 generated by the user system is never Itself transmit- 
ted to- the validation system, These techniques make 
it more difficult for an unauthorised user to defeat the 
protection scheme by altering the random number 
generated by the user system 140, 

38 There are other possible techniques, for the pre- 

vention of piracy by altering the random number gen- 
eration. One technique is to not generate or keep a d i~ 
reel; complete copy of the random number in the user 
system. This approach will make it difficult for a user 

*> to determine exactly what the current random number 
is by directly examining memory. For example, the 
random number could be provided by adding or exclu- 
sive ORing several bytes in memory. The random 
number is then generated in the user's system only 

4$ when needed and only one byte for word) at a time ex- 
ists in a readable form in the system. Another techni- 
que to preventthe altering of the random number .gen- 
eration is to do a cyclical redundancy check of the se- 
cured program code to make sure it has not bean 

m modified to provide a fixed random number. Another 
technique is to Include as pari of the random number 
some easily verified information,, such as the approx- 
imate time. Then, when the secured software code 
uses the random number, it can determine If the time 

ss information is correct, if not, the random number may 
have been altered and the system could abort. These 
techniques for preventing piracy through the random 
number generation are given as examples only and 
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are not exhaustive. One. skiited- in the art could imple- 
ment these, and other techniques in ero'erfo prevent 
piracy through. roaaiptMioa of ihe random numbers 
generated fey the user system 140 and the software 
validation system 100. 

•Another soseibte way to attempt to circumvent 
the software protection could be to examine 
of the user system after the DES key is received and 
decoded, This approach might .reveal the DES key 
and could renderth® soeurity features of the system 
.ineffective. There are several techniques which would 
prevent this piracy. One technique is to splli the pro- 
gram code into severs! segments each with « sepa- 
rate DBS key. The above deecHbed decryption tech- 
niques could be repeated sevsrai times t» prevent' 
having all necessary DES keys in memory simultane- 
ously, Another technique would he to store segments 
of the DES key in several pieces in memory so as to 
make finding me entire DES key more difficult. An- 
other technique makes- use of the fact She!: storing 
segments of the DES key in indirect form in memory 
will make 'determining the key difficult For' example, 
by exclusive ORin§ sections of me key with other ran- 
dom sections of memory when needed, would pre- 
vent en exact copy of any part of the DES key from 
ever existing In memor y. Examination of severs! loea- 
iions In memory wouid be necessary to determine 
each byte of the DES key. One skilled in the art could 
I rnpiement those and other techniques to prevent pir- 
acy by examining memory to determine the DES key. 

.Another passible piracy technique could be to ex- 
amine arsd copy the memory of the user system after 
the secured software has been decoded. At this point, 
the origins! software exits in an executable format in 
she user system. There are several possible techni- 
ques to prevent this type of piracy. For example, an 
Interrupt routine based on a timer interrupt eouid be 
added to the secured software, This routine would ex- 
amine the program counter in the user system central 
processing unit and would eliminate or overwrite the 
program from memory once the program counter in- 
formation indicates that the program Is no longer run- 
ning. Another technique is to arbitrarily complement 
sector?, on the disk where the program Is stored to in- 
dicate that the program Is running and to complement 
those sectors again when the program is finished in 
order to restore these sectors.. This would make a 
copy of ihe program from memory that does not go 
through the normal startup/? inlsb sequence damag- 
ing to the information on the disk. The program state 
could not: be captured at an arbitrary point saved to 
disk, and later restored for further executions. The 
disadvantage is that power outages, resets, or other 
ahncrmai terminations would leave the disk In the al- 
tered state. Anotherlechniqee would he -to encode the 
system time into the program's memory image, and 
check it with the current system time on a frequent oa- 
sis. The program could he eliminated if the system 



time nes large discontinuities fhat indicate the pro- 
gram may have been saved and restored for iatar exe- 
cution, Ysi another -echnioue would be to encode 
sensitive :n;ormshon about ihe user into the pro- 

5 gram's memo!".' ; mage. This co-j;o he a credit cam 
number or toe user's phone number This would not 
only discourage giving away copies of executable 
memory images iiiegaliy saved, but would also asiew 
iraeeback to the source of she de-secured or aile^ee 

■so software. One exiled In the art: could implement 
these and other seohniques -o prevent piracy by copy- 
ing en executable copy of Ihe program kern memory. 

in adoihon to the above, various other security 
enhancements err; possible. For example, a develop- 

<s ers -ooikit couki provide methods of charging other 
than on a per use basis. This might include charging 
by the numoerof f iies created, by she hour or day, etc. 
Also, It might he possible to ellow single calls to more 
expensive telephone numbers to autocrine rnuiilpis 

a 1 usee. Fur example, if each use cost $0,71; on e per 
use basis, a can to another number might cost S6.00 
and aurhorire 10 uses, while another number might 
cos; $50.00 and auihorize SOD uses, giving -he user 
a substantia* volume discount. These "developer's 

28- toolkit" oenved versions of the secured software 
woulo have to bo able to save themselves on disk in 
a semi -secured form wish a sof-ware counrer that 
keeps -.rack of the number o! executions/operations 
ieft. it would aiso be considerably easier to make un- 

30 aorhortaKi copies and illegally dislncuto copies witn 
the "couu-ers" set to high values. Embedding ihe 
user's- verified credit card number and phone number 
would probably sreveni most peooie from distributing 
Illegal copies. Anotber way to trace illegal copies of 

3S semi- secured discouu; volume usage sot > ware would 
be -o randomly, for example ones every 5 ■ 10 exe- 
cutions, eras* a byte of the program's image from 
memory and disk and then require the user -o call a 
telephone number. The user would then provide the 

48 number displayed on ihe screen, forexampie the pro- 
gram sD and the emsed address, and -he feiechone 
response system would give cacK wnat was missing, 
in inis way ;s record of telephone numbers is cesier- 
a-eri c;;' users with semi-secured volume usage soft- 

4$ ware. If a comcanson el ihis nusnber hsl generated 
large call volumes -from numbers the; were no; on ihe 
per caii service fee number list, than those numbers 
may have illegal copies of unsecured soltwars. With 
a deveiocer s toolkit, random ccmhinenons of secur- 
es ity methods m:gh! be applied to a particular piece of 
software so fhat the memoes for securing rfi?fen»rtt 
pieces (if software are different, Developing a meth- 
od to break one software package wouid not be ap- 
piicabie fo ietc-r versions of the same or different soft- 

§g ware packages. These and oiher s^corlry techniques 
to prsventthe unaotlxf ii;ed (leer yptlon cf tiie sticure-i 
software could be readily impiememed by tncs-e skil- 
led In the art, 
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in each of the embodiments described above, 
there are several possible variations for the transmis- 
sion of data between the validation system 160 and 
trse user systam 140. in the simplest, a user rnay caii 
a telephone number and speak to a person who has 
access to the validation system, The two human op- 
erators could communicate the information ora%. 
The software user would then provide the required in- 
formation to the user system. Another variation would 
be for the user to caii a telephone number which con- 
nects the user la an automated response sy stem eon-, 
nested to the validation system. Is this esse, She m&e 
could «se a telephone keypad to pass Information to 
the validation system, and the 'validation system 
couid pass informai&m hack to the userby voice syn- 
thesis or recording. A further variation weoid foe to 
transmit data b&mm the systems via modem. In this 
way, the user system would communicate directly 
with the validation system: via electronic communica- 
tions. Thus, the validation of the secured software 
would he almost transparent to the user. 

it is to fee understood that the embodiments and 
variations shown and described herein are illustrative 
of the principles of this invention only and that various 
modifications' may be implemented by those skilled in 
the art without departs rtg from the scope and spirit of 
tha Invention. 



Claims 

1. A system for the validation and use of secured 
computer software comprising: 

a software validation system; 

a software user system comprising se- 
cured software; 

a communications network connected to 
the software validation system and the software 
user system for the transmission of data between 
the systems; 

said software validation system compris- 
ing: 

means for storing at least one decryption 

key, 

means for receiving from said user system 
over said communic-allons network an identifica- 
tion of said secured software, 

means for recording the receipt of said 
identification of secured software, and 

means for transmitting to said user system 
over said communications network a decryption 
key chosen from said at least one stored decryp- 
tion key, wherein said chosen decryption key is 
capable of decrypting said identified secured 
softwares; 

said software user system further com- 
prising; 

means for transmitting said secured soft- 



ware identification to the software validation sys- 
tem over said communications network, 

means for receiving said chosen decryp- 
tion key capable of decrypting said identified se- 
5 cured software from said software validation 

system over said communications network: and 

means for decrypting sakS secured: soft- 
ware using said chosen decryption key, 

2. A sof twars validation system comprising; 

means tor storing at least one decryption 

key; 

means for receiving from a communica- 
tions network an identification of encrypted soft- 
is ware: 

means for recording the receipt of said 
identification; and 

means for transmitting to the communica- 
tions network a decryption key chosen f rem said 
20 at least one stored decryption key, wherein said 
chosen decryption key is capable of decrypting 
said identified encrypted software, and 

wherein a fee is charged for the esiahliso- 
mmt of eomcuoieatioh over the communications 
is- network. 

3. The software validation system of claim 2 further 
composing; 

means for masking said decryption key 
38 with a random number prior to transmitting it to 
the communications network. 

4. The software validation system of claim 3 f urther 
comprising means for receiving said random 

38 number from the communications network, 

Sv The software validation system of claim 2 f urther 
comprising: 

means for generating a first random nom- 

*> ber; 

means for receiving a second random 
number from the communications network;, 

means for producing a third random mm- 
per by concatenating said first random number 
4$ and said second random number; and 

means for masking said decryption key 
with said third random number prior to transmit- 
ting if to the communications network, 

m The software validation system of claims 3 or 6 
further comprising means for encrypting said 
masked decryption key prior to transmitting if to 
the communications network. 

ss ?, The software validation system of dalm 6 where- 
in said means for encrypting Is by use of a puhlic 
key encryption algorithm. 
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I, Tile sof tware vsiidat»o?i system of claim Z further 
comprising; 

means for generating a first random sum- 
bar; 

means for encrypting said first random 
number; 

nmsm for transmitting said encrypted 
! irst random number to the communications net- 
work; 

means for receiving an encrypted second 
.random mmtosr from the communications net- 
work, wherein said eecend random: rsimbor com- 
prises a first section and a second section; 

means for decrypting said second random 
number; and 

tmms for masking sskS decryption key 
with said second random mimesr prior to trans- 
mitting it to the communications network- 



masked and encrypted prior fo receipt, the sys- 
tem further comprising: 

means for decrypting said encrypted 
masked decryption key; 
$ means for generating a random number: 

moans for transmitting said random num- 
ber to the communications network; and 

means for unmasking said encrypted 
masked decryption key with said random mm- 

13. The software user computer system of claim 10 
further comprising means for preventing the un- 
authorised deer yption cf said encrypted comput- 
<s »f program code if communication over ins corn- 

municaf ions net work has net bsen initiated by a 
telephone caii which results in a per cali aervice 
fee. 



& The software validation system of claim S further zn 
comprising; 

means for determining whether said first 
or second section of said second random number 
is eouai to said first random number; and 

means for masking said decryption key ss- 
with said second random number prior to trans- 
milting only if said first or second section of said 
second random number is eouai to said f irst ran- 
dom number, 

30 

1:8. A software user computer system for lire exeeu- 
fion of secured software, the sysfarn comprising; 

encrypted computer program code: 

means fortransmitting an identification of 
the enerypied : computer program code to a corn- 38 
roun leaf ions network ; 

means for receiving a decryption key from 
the communications network, said decryption 
key capabfe of decrypting said encrypted com- 
puter program code; and *> 

means for decrypting said encrypted com- 
puter program code with said decryption key: 

wherein a foe is charged for the initiation 
of the communication over the communications 
network. *s 

1:1, The software user computer system of ciaim 10 
wherein said received decryption key has been 
masked prior to receipt, the system f urfher com- 
prising:, m 

means for generating a random number; 

means for transmitting said random num- 
ber to the communications network: and 

means for unmasking said masked de- 
cryption key with said random number; 

It. The software user computer system of ciaim 10 
wherein said received decryption key has been 



14. A software user computer system for the execu- 
tion of -secured software, the system comprising; 

encrypted computer program code; 

means for transmitting a software identi- 
fication identifying the encrypted compoter pro- 
gram code to a communications network; 

means for generating a first: random num- 
ber; 

means for receiving a second random 
number: 

means for combining said first and second 
random number to produce a third random num- 
ber; 

means for receiving a masked decryption 
key capable of decrypting said encrypted com- 
puter program code: 

means for enmasktng said masked de- 
cryption key with said third random number; and 

means for decryptlny said encrypted com- 
puter program code with said decryption key* 

wherein a fee is charged: for the initiation 
of the communication over the communications 
network. 

1 5. The system of cfaims 1 , 2. 1 0 or 1 4 wherein com- 
munication: over the communications network is 
initiated by a tefephone calf which results In a per 
caff service fee.. 

16. The software user computer system of ciaim H 
wherein said masked decryption key is encrypted 
prior to receipt, said system further comprising 
means for decrypting said encrypted rnas&sd key- 
prior to unmasking said key. 

17. The software user computer system of ciaim 14 
wherein said second random number is encrypt- 
ed prior to receipt and said masked decryption 
key is encrypted prior to receipt, said system fur- 



15 



BP 0 §53 8iV5 A2 



16 



ther comprising: 

means tor decrypting said encrypted 
masked key prior to unmasking said key, and 

means for decrypting said encrypted sec- 
ond random number prior to combining said first 
random numb** and second random n'wmbor. 

18. A computer system for the reg&lratksn of soft- 
wars and the generation of secured software 

!Vii< tlf 1 >)f s /tW 1*» tdt 1 « )'i 
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1:8, The- computer system of claim 18 wherein said 
secured software module comprises the encrypt- 
ed executable software fife and computer pro- ss- 
gram cods, said computer program code com- 
prising said moans for decrypting the executable 
Software ftte using said at ieast one key, and 

wherein said at least one key is received 
by a user only after said user places a telephone 38 
cali whkjh results In a per sag service fee, 

28. A software validation system for the registration 
of protected software, the system: comprising: 

(j»8W for receiving software* idsnifffca- 38 
tkm information from a oorornorficallons network; 

means for generating a unique software 
identification cods for said received software 
fdentifiaatiou; 

rneans for §ener attng at l«asl one crypto- *> 
graphic key; 

means for transmitting said unique soft- 
ware identification coda and at least one crypto- 
graphic key to the communications network; and 

means for storing said unique software 4$ 
identification and at least on© cryptographic key, 

wherein said at least one ts'ypiograpMc 
key will be used to generate a secured software 
module, said secured software module being 
executable by a user computer system only after ss 
receipt of said atiesstone cryptographic fesy over 
a communications network, wherein said receipt 
ot said at least one cryptographic key la Initiated 
by a telephone call which wll! result in a per call 
service fee. ss 

21. A method for the vailda1ion,and use oi encrypted 
secured software comprising the steps of: 



a user of secured software initiating a tel- 
ephone call which will result In a per call service 
fee. said teiephone call establishing comruoniea- 
lion over a communications network between 
said user and a software validation system; 

said user of siscured soffwaro transmit dng 
seeurod saftwaro idaniifiealion to the software 
validation system over the communications net- 
work: 

said software- validation system transmit- 
tsxs to said user over the mmmonscaiions net- 
work a decryption Key capahie of decrypting said 
secured software; and 

decrypting said sscored software with 
said decryptiors key, 

ZL The method of claim 21 further comprising the 
steps of: 

generssting a random number In the user 
computer system: 

transmitting said random number to the software 
validation system: 

masking said decryption: key with a ran- 
dom oom bar in said software validation system 
prior to transmitting the decryption key to the 
user: and 

sjnmasking said decryption key with said 
random number In the user's computer system, 

33, A method for validating secured computer soft- 
ware compsising the steps of: 

storing at ieasi one decryption key; 

receiving from: a communications network 
an Identification of encrypted software; 

recording the receipt of seld Identif ication; 

and 

transmitting to the communications net- 
work a decryption key chosen from said at feast 
one stoE'ed decryption key, wherein said chosen 
decryption key is capable of decrypting said iden- 
tified encrypted software, 

wherein a fee Is charged for the establish- 
ment of communication over th e commu nicatioos 
network. 

24. The method of claim 23 wherein said establish- 
ment of amsmonicatlon over the communications 
network is esiabiished by placing a feiephofje -eaJI 
which results in per call service fee. 

25. The method of claim 23 further comprising the 
step of masking said decryption key with a ran- 
dom number prior to transmitting it to the commu- 
nications network, 

2<L The method of eiaim 25 forther cornpdstno. the 
step ot receiving said randotri ru^nber from the 
communications network. 
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27, The method of daim S3 further comprising ths 
steps of; 

generating a first random number; 

receiving a second random number from 
the communications network; 

product' s tfsW random number fey con- 
catenating said firs!: remtatrv number and- said 
second random number, and 

masking said decryption key with said 
third random number prior to transmitting It to the 
eomsn u n scat \ ops net wor k, 

28. Tr«s method of claims 2$ or 27 f urther comprising 
the step of encrypting said masked decryption 
key prior to transmitting it to the communication 
network, 

2%, The method of claim 23 wherein said step of en- 
crypting is by use of a public key encryption al- 
gorithm. 



33,. The method of claim 32 wherein said received de- 
cryption key has been masked prior to receipt, 
trws method further comprising the steps oh 

generating a random number; 

transmitting said random number to the 
communications network; and 

unmasking said masked decryption key 
with said random comber, 



34 The method of cl aim 32 wherein said received de- 
cryption key has been masked and encrypted pri- 
or to receipt, the method further comprising She 
steps of: 

decrypting said encrypted masked de- 
cryption key: 

generating a random number; 

transmitting said random number to the 
communfeattofss network; and 

unmasking said encrypted masked de- 
cryption key with said random number. 



38., The method of claim 23 further' comprising the 
steps of; 

generating a first random number; 

encrypting said first random number; 

transmitting said encrypted first random 
number to the communications network; 

receiving aft encrypted second random 
number from the communications network, 
wherein said second random number comprises 
a first section and a second section;' 

decrypting said second random number; 

and 

masking said decryption key with said 
second random number prior to transmitting it to 
the communications network, 

31, The method of claim SO further comprising the 
steps of; 

detemniniog whether said f irst or second 
section of said second random number is eguai to 
said first random number; and 

masking said decryption key with said 
second random number prior to transmitting only 
it said first or second section of said second ran- 
dom number is egos! to said first random nomber. 
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3S. The method of claim 32 further comprising the 
step of; 

preventing the unauthorised decryption of 
said encrypted computer program code If com- 
munication over the communications network 
ties not been initialed by a telephone caii result- 
ing in e per caii service fee, 

3§. A method for the execution of encrypted secured 
software comprising the steps of: 

initiating coromonicaboc over a eomrnurtl- 
cations network which results in a service fee; 

transmitting a software Idontl float ion 
identifying the secured software to the commu- 
nications network; 

generating a first random number; 

receiving a second random number; 

combining; said first and second random 
number to produce a third random comber; 

receiving a masked decryption key eapa- 
bie of decrypting said secured software; 

unmasking said masked decryption key 
with said third random number; 

decrypting said secured sof'tware with 
said decryption key, 



82. A method for the execution of encrypted secured 
software comprising the steps of; 

Initiating communication over a communi- ss 
cations network which results in a service fee; 

transmuting an identification of the se- 
cured software to the communications network; 

receiving -a decryption key from the com- 
rnunicriflons network, said decryption key oapa- ss 
hie of decrypting said secured software; and 

decrypting said secured software with 
said decryption key. 



37, The method of cialms 32 or 36 wherein said step 
of initiating communication over a communica- 
tions network comprises the step of placing a tel- 
ephone eat! resulting in a per caii service fee, 

3& T he method of claim 36 wherein said masked de- 
cryption key is encrypted prior to receipt, said 
method further comprising die step of decrypting 
said encrypted masked key prior to unmasking 
said key. 
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3§. Th© metriod of efalrn 36 wherein said second ran- 
dom msnbssr is encrypted prior to recalpiand said 
masked dacr yptton key is encrypted prior fa re- 
eeipt said method fwtim comprising, the steps 

Oft 5 

decrypting said encr yptsd masked key pri- 
or i<s unmasking said key; and 

decrypting said encrypted second random 
number prior to combining said first random num- 
ber and sacond random nymbsr. w 

48. A method for th*. registration of software and the 
generation of secured software comprising the 
steps; 

transmitting software identification infer- <s 
mation to a communications network; 

receiving at feast one key and a unique 
softwsr© identification from the communications 
network; and 

encrypting an executable software file us- so 
ing said at least one key So create a secured soft- 
wars modate, 

whareln said exeeofesbte software file is 
aapaDle of being executed by a «s«f only after re- 
ceipt of said at least one key, ss- 

41. The method of daim 40 wherein said at feast ons 
key ss received by a user only after said: osac ini- 
tiates a teiephooe caii So a telephone number 
which results m a per call earviea fee. 38 

42. A software validation method for tbe registration 
of protected software comprising tbe steps: 

receiving software Identification informa- 
tion from a communications network; 38 

generating a unique software tdaotif sca- 
fion code for said received software Identifica- 
tion; 

generating ai least one* cryptographic key ; 

transmitting said unsctcs software identii i- *> 
cation code and af least one cryptographic key to 
ftse communications network; and 

storing said unique software idar;;i fixation 
and at lesst one cryptographic key : 

therein sa:d at iesst one cryptographs 4$ 
key vv;i: ce used to generate a caenred software 
mosiwia, said assured software module being 
executable by a user computer system only af let 
receipt of said at least one cryptographs key over 
a communications network, wt-eres said recast ss 
of said at iaasi one cryptographic key is initiated 
by s telephone eaSS which will result in a par cail 
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